7

I can't connect to my instance on EC2. All was OK earlier, and I think the problem is now in ufw.

When I configured my server I enabled ufw for port 80 and maybe it disabled port 22. Because earlier all was OK, but now I can't connect by SSH.

How can I connect to my EC2 instance and allow port 22 again?

Yura Bysaha
  • 721
  • 6
  • 17

2 Answers

10

You could use the following simplest way (user data) to turn off ufw, then access the instance and edit your firewall.

  1. Stop the instance
  2. Edit the user data to disable ufw once and let you access the instance
  3. Start the instance

The following is the user data:

Content-Type: multipart/mixed; boundary="//"
MIME-Version: 1.0

--//
Content-Type: text/cloud-config; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="cloud-config.txt"

#cloud-config
cloud_final_modules:
- [scripts-user, once]

--//
Content-Type: text/x-shellscript; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="userdata.txt"

#!/bin/bash
sudo ufw disable
--//--

See my answer here: "enable firewall port 22 on ec2 server after disable it"

Thomas
  • 1,805
  • 1
  • 15
  • 31
  • Could you explain the second part? How can I do this? – Yura Bysaha Oct 03 '18 at 16:13
  • 1
    User data is the scripts to run when the instance launches. The user data I provided uses cloud-config to disable ufw. You could follow the link below to update your user data and restart your instance; then you will be able to access your instance again. After login, you could edit your ufw rules again: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html#user-data-view-change – Thomas Oct 03 '18 at 16:28
  • Thx. It's the easiest way for this. It took 2 min, and I am happy!) – Yura Bysaha Oct 10 '18 at 12:06
  • Thanks for this answer, a life saver. _ /\ _ – amrendra Mar 16 '20 at 18:29
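The answer's three steps scripted with the AWS CLI, as an added example that is not part of the original answer: it reuses the answer's multipart user data but runs `ufw allow 22/tcp` instead of `ufw disable`, so the rest of the firewall policy stays in force. The function names, the instance ID argument and a configured `aws` CLI are assumptions.

```shell
# Added example (not from the answer): same multipart user data, but the boot
# script re-opens SSH in ufw rather than disabling the whole firewall.

# build_user_data LINE...: print user data whose shell part runs each LINE
# as root at the next boot (cloud-init frequency "once", as in the answer).
build_user_data() {
    cat <<'EOF'
Content-Type: multipart/mixed; boundary="//"
MIME-Version: 1.0

--//
Content-Type: text/cloud-config; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="cloud-config.txt"

#cloud-config
cloud_final_modules:
- [scripts-user, once]

--//
Content-Type: text/x-shellscript; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="userdata.txt"

#!/bin/bash
EOF
    printf '%s\n' "$@" '--//--'   # script lines, then the closing boundary
}

# recover_ssh INSTANCE_ID: the answer's steps 1-3 via the AWS CLI.
# Hypothetical helper; assumes a configured `aws` CLI with EC2 permissions.
recover_ssh() {
    iid=$1
    tmp=$(mktemp) || return 1
    # modify-instance-attribute takes the userData value base64-encoded
    build_user_data 'ufw allow 22/tcp' | base64 > "$tmp"
    aws ec2 stop-instances --instance-ids "$iid" &&
    aws ec2 wait instance-stopped --instance-ids "$iid" &&
    aws ec2 modify-instance-attribute --instance-id "$iid" \
        --attribute userData --value "file://$tmp" &&
    aws ec2 start-instances --instance-ids "$iid"
    rc=$?
    rm -f "$tmp"
    return "$rc"
}
```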
2

You have to check the security group under the EC2 instance and enable/add port 22 over there. After that you can check Apache on port 80.

If you have accidentally blocked the port then use this link to reset it again: https://u.osu.edu/walujo.1/2017/04/21/how-to-fix-ec2-instance-when-you-accidentally-block-port-22/

Anoop Kumar
  • 845
  • 1
  • 8
  • 19
  • Yes, port 22 in the security group is enabled; I disabled port 22 on the instance with ufw. The previous answer helped, but thank you for your case, I guess it can be helpful for somebody. – Yura Bysaha May 14 '20 at 07:22